<?php
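    /*
     * Front controller for the site: handles the login POST ('dn'), routes GET
     * requests (idtin / trang / idtl / tlt / tl) to page fragments, and processes
     * the password-change ('doimk') and e-mail-change ('doiem') POSTs.
     *
     * Included fragments execute in this file's variable scope, so the
     * historical variable names ($dbc, $username, $password, $r, $q, $member,
     * $id, $email, $mkcu, $mkmoi, $xn) are kept.
     *
     * NOTE(review): this router performs no role check before including the
     * management pages (ql*.php) or the editor pages. Confirm that every
     * included file checks $_SESSION['Nhomuser'] itself.
     */
    require_once('mysql.php');
    session_start();

    // Reads one POST field as a string. A missing field or an array-valued
    // field (e.g. "field[]=x") becomes '' instead of reaching md5()/SQL as a
    // non-string.
    $readPost = static function ($field) {
        return (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    };

    // Prepares, binds and executes one parameterized statement. Request data is
    // only ever bound, never concatenated into the SQL text. On failure the
    // detail goes to the server log and the client gets a generic message, so
    // database error text is not disclosed to the browser.
    $runStatement = static function ($dbc, $sql, $types, array $params) {
        try {
            $stmt = mysqli_prepare($dbc, $sql);
            if ($stmt !== false
                && mysqli_stmt_bind_param($stmt, $types, ...$params)
                && mysqli_stmt_execute($stmt)
            ) {
                return $stmt;
            }
            $detail = mysqli_error($dbc);
        } catch (mysqli_sql_exception $e) {
            // mysqli throws instead of returning false when exception reporting is on.
            $detail = $e->getMessage();
        }
        error_log('database statement failed: ' . $detail);
        exit('Lỗi hệ thống, vui lòng thử lại sau');
    };

    if (isset($_POST['dn'])) {
        // ---- Login ----
        $username = $readPost('texttaikhoan');
        // NOTE(review): unsalted MD5 is not a suitable password hash. Moving to
        // password_hash()/password_verify() needs the registration code and the
        // stored hashes, which are not visible here. addslashes() is kept only
        // so the digest matches what this handler has always computed.
        $password = md5(addslashes($readPost('textmatkhau')));

        $r = "SELECT NhomUser,TenDN,Matkhau,IDUser,Hoten,Email from user where TenDN=?";
        $stmt = $runStatement($dbc, $r, 's', [$username]);
        // mysqli_stmt_get_result() requires the mysqlnd driver.
        $q = mysqli_stmt_get_result($stmt);
        if ($q === false) {
            error_log('database statement failed: ' . mysqli_error($dbc));
            exit('Lỗi hệ thống, vui lòng thử lại sau');
        }
        $member = mysqli_fetch_array($q);
        mysqli_stmt_close($stmt);

        // NOTE(review): the two messages below tell a client whether a login
        // name exists. A single generic failure message would avoid that.
        if (!is_array($member)) {
            print "tên truy cập không tồn tại <a href='javascript:history.go(-1)'> quay trở lại </a>";
            exit;
        }

        // Prepared statements return native ints for numeric columns. Cast back
        // to strings so $member and the session hold the same value types that
        // the previous mysqli_query() result produced.
        $member = array_map(
            static function ($value) {
                return $value === null ? null : (string) $value;
            },
            $member
        );

        // hash_equals() compares in constant time and, unlike a loose "!=",
        // never treats two different "0e..."-style digests as numerically equal.
        if (!hash_equals((string) $member['Matkhau'], $password)) {
            print "nhập sai mật khẩu <a href='javascript:history.go(-1)'> quay trở lại </a>";
            exit;
        }

        // Issue a fresh session id on privilege change (session fixation).
        session_regenerate_id(true);

        $_SESSION['IDUser'] = $member['IDUser'];
        // NOTE(review): the password hash is kept in the session only because
        // the password-change handler below reads it; prefer re-reading it
        // from the database.
        $_SESSION['Matkhau'] = $member['Matkhau'];
        $_SESSION['Nhomuser'] = $member['NhomUser'];
        $_SESSION['Hoten'] = $member['Hoten'];
        $_SESSION['Email'] = $member['Email'];

        // Routing by user group: 2 = admin page, 1 = editor page, 0 = main page.
        if ($member['NhomUser'] == 2) {
            include("admin.php");
        }
        if ($member['NhomUser'] == 1) {
            include("../editor/editor.php");
        }
        if ($member['NhomUser'] == 0) {
            include('trangchinh.php');
        }

        // NOTE(review): this logout is only reachable when the same request
        // also posts 'dn' (login); it probably belongs outside this branch.
        if (isset($_POST['dx'])) {
            session_destroy();
        }
    } else {
        if (isset($_GET['idtin'])) {
            include('chitiettin.php');
        } else {
            if (isset($_GET['trang'])) {
                // Fixed allow-list: the request value only selects a key and
                // never becomes part of an include path.
                $pagesByName = [
                    'thoisu' => "../editor/tinthoisu.php",
                    'thethao' => "../editor/tinthethao.php",
                    'giaitri' => "../editor/tingiaitri.php",
                    'phapluat' => "../editor/tinphapluat.php",
                    'khoahoc' => "../editor/tinkhoahoc.php",
                    'doisong' => "../editor/tindoisong.php",
                    'congnghe' => "../editor/tincongnghe.php",
                    // admin
                    'tinhienthi' => "qltinhienthi.php",
                    'tinan' => "qltinan.php",
                    'thanhvien' => "qlthanhvien.php",
                    'editor' => "qleditor.php",
                    'binhluan' => "qlbinhluan.php",
                    'quangcao' => "qlquangcao.php",
                    'dangnhap' => "dangnhap.php",
                    'dangky' => "dangky.php",
                    'dangtin' => "dangtin.php",
                    'doiem' => "doiemail.php",
                    'doimk' => "doimk.php",
                ];
                $pageKey = is_string($_GET['trang']) ? $_GET['trang'] : '';
                if (isset($pagesByName[$pageKey])) {
                    include($pagesByName[$pageKey]);
                }
            } else {
                // NOTE(review): the nesting below is kept exactly as written:
                // 'tlt' is only examined when 'idtl' is set, 'tl' only when
                // 'tlt' is set, and trangchinh.php is included in addition to
                // the category page when 'idtl' is set without 'tlt'. A request
                // with none of these parameters includes nothing. Confirm that
                // this is intended.
                if (isset($_GET['idtl'])) {
                    // Category pages are matched on the exact parameter string.
                    $categoryPages = [
                        '1' => 'thoisu.php',
                        '2' => 'thethao.php',
                        '3' => 'giaitri.php',
                        '4' => 'congnghe.php',
                        '5' => 'doisong.php',
                        '6' => 'phapluat.php',
                        '7' => 'khoahoc.php',
                        'home' => 'trangchinh.php',
                    ];

                    $id = $_GET['idtl'];
                    $categoryKey = is_string($id) ? $id : '';
                    if (isset($categoryPages[$categoryKey])) {
                        include($categoryPages[$categoryKey]);
                    } elseif ($categoryKey === 'homepage') {
                        include('trangchinh - Copy.php');
                    }

                    if (isset($_GET['tlt'])) {
                        $id = $_GET['tlt'];
                        $categoryKey = is_string($id) ? $id : '';
                        if (isset($categoryPages[$categoryKey])) {
                            include($categoryPages[$categoryKey]);
                        }

                        // editor
                        if (isset($_GET['tl'])) {
                            // NOTE(review): 'thao.php' and 'aitri.php' look
                            // like truncated file names; verify they exist.
                            $editorPages = [
                                '1' => 'phapluat.php',
                                '2' => 'thao.php',
                                '3' => 'aitri.php',
                                '4' => 'tincongnghe.php',
                                '5' => 'tindoisong.php',
                                '6' => 'tinphapluat.php',
                                '7' => 'tinkhoahoc.php',
                            ];
                            $editorKey = is_string($_GET['tl']) ? $_GET['tl'] : '';
                            if (isset($editorPages[$editorKey])) {
                                include($editorPages[$editorKey]);
                            }
                        }
                    } else {
                        include('trangchinh.php');
                    }
                }
            }

            // ---- Change password ----
            // NOTE(review): no CSRF token is verified for the two state-changing
            // handlers below; the forms that post here are outside this file.
            if (isset($_POST['doimk'])) {
                $mkcu = md5($readPost('mktrc'));
                $mkmoi = md5($readPost('mkmoi'));
                $xn = md5($readPost('xacnhan'));

                $sessionHash = isset($_SESSION['Matkhau']) ? (string) $_SESSION['Matkhau'] : '';
                $userId = isset($_SESSION['IDUser']) ? (string) $_SESSION['IDUser'] : '';

                // An empty session hash can never equal a 32-character digest,
                // so a visitor who is not logged in is rejected here as well.
                if ($userId === '' || !hash_equals($sessionHash, $mkcu)) {
                    echo "Nhập sai mật khẩu, vui lòng nhập lại";
                } elseif (!hash_equals($mkmoi, $xn)) {
                    echo "Xác nhận mật khẩu không đúng";
                } else {
                    // Keyed on the unique user id instead of the display name,
                    // so two accounts sharing a name cannot affect each other.
                    $q = "update user set Matkhau=? where IDUser=? and Matkhau=?";
                    $stmt = $runStatement($dbc, $q, 'sss', [$mkmoi, $userId, $mkcu]);
                    if (mysqli_stmt_affected_rows($stmt) > 0) {
                        // Keep the session copy current so a later change in the
                        // same session is checked against the new hash.
                        $_SESSION['Matkhau'] = $mkmoi;
                        echo "OK!";
                    }
                    mysqli_stmt_close($stmt);
                }
            }

            // ---- Change e-mail ----
            if (isset($_POST['doiem'])) {
                $email = $readPost('email');
                $userId = isset($_SESSION['IDUser']) ? (string) $_SESSION['IDUser'] : '';
                $emailChanged = false;

                // Requires a logged-in session and a syntactically valid
                // address; the value is bound as a parameter, never interpolated.
                if ($userId !== '' && filter_var($email, FILTER_VALIDATE_EMAIL) !== false) {
                    $q = "update user set Email=? where IDUser=?";
                    $stmt = $runStatement($dbc, $q, 'ss', [$email, $userId]);
                    $emailChanged = mysqli_stmt_affected_rows($stmt) > 0;
                    mysqli_stmt_close($stmt);
                }

                if ($emailChanged) {
                    $_SESSION['Email'] = $email;
                    echo "Email đã được thay đổi";
                } else {
                    echo "Thao tác không thành công";
                }
            }
        }
    }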
?>
